Internet

TÜV Trust IT using a special designed methodology tested the security functions of IE 8. More information can be found here (the page is in German). This validation comes one week after the annual Pwn2Own contest at the CanSecWest security show which took place in Vancouver where researchers demonstrated that they could hack a non-jailbroken iPhone, Safari running on Snow Leopard and Internet Explorer 8 and Firefox on Windows 7.

To hack IE 8, Peter Vreugdenhil (an independent security researcher from the Netherlands) said he exploited two vulnerabilities in a four-part attack that involved bypassing ASLR (Address Space Layout Randomization) and evading DEP (Date Execution Prevention), which are designed to help stop attacks on the browser.

On the 12th of January an article was published on the Official Google Blog, titled “A new approach to China” through which David Drummond, Corporate Development and Chief Legal Officer, states that Google is going to consider whether it will withdraw its presence from China due to hacking/phishing attacks targeting its systems. The purpose of the attacks was the access Gmail accounts of users who are advocates of human rights in China. The attacks also targeted at least twenty other large companies from a wide range of businesses–including the Internet, finance, technology, media and chemical sectors. McAfee vise president of threat research, Dmitri Alperovitch, while talking about the attacks he said that they totally change the threat model because of the unprecedented tactics used that combined encryption, stealth programming and a previously unknown hole in Internet Explorer 6.

David Drummond states that Google will reconsider whether it will comply from now onwards with the Chinese laws which ask for certain restrictions over the results the Google.cn returns and as mentioned before, its presence in China closing its offices in the country. The China Daily article titled China seeks clarity on Google’s intentions criticizes that move, raising concerns about the 700 employees the company has in Beijing while also questioning whether Google has to think whether it can be flexible enough to adapt to China instead of working in the US way which is characterized as non-flexible.

Google’s move is thought to be significant, and many free-speech and human rights groups hope that many other companies will take a similar stand. So, Google gained the support of those groups, it is going to lose the $600 million (estimated by JP Morgan for this year) revenue gained from the country and off course its presence in one of the most developing countries in terms of Internet growth (the Internet users number increased from 10 million to 340 million in a decade). One reason though for Google’s move can be the losing of the search-market battle inside China to the domestic brand Baidu.

Throughout the presence of Google in China, there were several cases in which the government would block services outside the country, sometimes also blocking Youtube which is based outside China. One case is described in this Guargian article, were the government blocked access to Google services in June 2009, amongst which Gmail in order for the authorities to warn Google to scale back its search operations. The main reason the authorities used for blocking Google, was that it provided links to pornographic websites through its search engine.

A Washington Post article titled “Google vs. China” also connects the Google case with the Obama administration which has been slow to embrace the cause of Internet freedom. The case is thought to be both human rights related and also a trade issue because Beijing makes it difficult for foreign companies to compete the domestic ones. Secretary of State Hillary Rodham Clinton also issued a statement on the 12 of January saying the Chinese government would be asked about the cyber-attacks reported by Google.

A recent article (December 28th) in the Financial Times titled “O2 apologises for snags in London network” is thought to describe a new problem mobile network companies will have to face in the near future, related with the new services provided through the smartphone/pda style phones.

The mobile companies around the globe have invested in new services which are mainly offered through the “smart” phones, enabling the users to access Internet services easily (e.g. Apple iPhone, Blackberry). It seems though that the same services that can help the mobile network companies to increase their profits, they can easily become a threat. This happened to O2, the largest mobile operator in UK, which has been facing network problems since summer, since its customers face difficulties in accessing the network and make phone calls. This problem is said to be experienced only in the area of London, while the problem will be solved by the company by installing 200 additional base stations in the area, increasing the capacity of the network. The article also mentions that O2 will work together with Apple and Research in Motion (Blackberry maker) to optimize the network by gaining knowledge on which applications could place heavy demands on the network.

Other mobile operators around the globe will face the same problem in the near future. The New York Times have recently mentioned that AT&T faced similar problems in providing services to iPhone users.

This incidents shows that the mobile operators have to include new aspects in their investments since the applications used by the customers have increased significantly since the old times that users were using only voice and text services.

Finally, it seems that the increase in the demand of the “new” services is quicker than the process companies follow to examine and then assess possible risks about the network.